Bug#808296: tor: Latest version doesn't start
On Fri, 28 Apr 2017, Sous Studios wrote: > Problem is in /lib/systemd/system/tor.service. Particularly in that > instead of having ExecStart=/path-to-tor, it shows > ExecStart=/bin/true, and hence fails. ExecReload is incorrect as well, > and PID is not passing to it aswell. While the facts you lay out are correct, your conclusion that tor.service is broken is wrong. The tor service now depends on several instances, among them tor@default, which actually starts tor for you. -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal https://www.palfrader.org/ | `. `' Operating System | `-https://www.debian.org/
Bug#808296: tor: Latest version doesn't start
Problem is in /lib/systemd/system/tor.service. Particularly in that instead of having ExecStart=/path-to-tor, it shows ExecStart=/bin/true, and hence fails. ExecReload is incorrect as well, and PID is not passing to it aswell.
Bug#808296: tor: Latest version doesn't start
Hi Im on Linux Mint 18 and still having same issue. Disabling apparmor for tor as you showed above is the only way for me to run it. Hope it helps My kernel is Linux HAL9000 4.4.0-31-generic #50-Ubuntu SMP Wed Jul 13 00:07:12 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux No virtualization Aug 5 15:08:17 HAL9000 systemd[1]: Starting Anonymizing overlay network for TCP... Aug 5 15:08:17 HAL9000 tor[23804]: Aug 05 15:08:17.490 [notice] Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g-fips and Zlib 1.2.8. Aug 5 15:08:17 HAL9000 tor[23804]: Aug 05 15:08:17.490 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Aug 5 15:08:17 HAL9000 tor[23804]: Aug 05 15:08:17.490 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Aug 5 15:08:17 HAL9000 tor[23804]: Aug 05 15:08:17.490 [notice] Read configuration file "/etc/tor/torrc". Aug 5 15:08:17 HAL9000 tor[23804]: Configuration was valid Aug 5 15:08:17 HAL9000 systemd[23809]: tor@default.service: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory Aug 5 15:08:17 HAL9000 kernel: [ 5460.358255] audit: type=1400 audit(1470402497.552:4): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="system_tor" pid=23809 comm="(tor)" Aug 5 15:08:17 HAL9000 systemd[1]: tor@default.service: Main process exited, code=exited, status=231/APPARMOR Aug 5 15:08:17 HAL9000 systemd[1]: Failed to start Anonymizing overlay network for TCP. Aug 5 15:08:17 HAL9000 systemd[1]: tor@default.service: Unit entered failed state. Aug 5 15:08:17 HAL9000 systemd[1]: tor@default.service: Failed with result 'exit-code'. Aug 5 15:08:17 HAL9000 systemd[1]: tor@default.service: Service hold-off time over, scheduling restart. Aug 5 15:08:17 HAL9000 systemd[1]: Stopped Anonymizing overlay network for TCP.
Bug#808296: tor: Latest version doesn't start
> Cool. It would be interesting to see the corresponding AppArmor denial > logs, if any. > > https://wiki.debian.org/AppArmor/Debug might be helpful. No DENIED message in any log file. Michael -- Michael Meskes Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org) Meskes at (Debian|Postgresql) dot Org Jabber: michael.meskes at gmail dot com VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL
Bug#808296: tor: Latest version doesn't start
Package: tor Version: 0.2.7.6-1 Severity: normal On a fresh unstable installation tor refuses to do anything. The situation seems to be different from #802521, hence a new bug report. If it turns out to be the same bug, feel free to merge. Dez 18 13:16:08 feivel tor[1349]: Dec 18 13:16:08.001 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Dez 18 13:16:08 feivel systemd[1356]: tor@default.service: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory Dez 18 13:16:08 feivel systemd[1]: tor@default.service: Main process exited, code=exited, status=231/APPARMOR Dez 18 13:16:08 feivel systemd[1]: tor@default.service: Unit entered failed state. Dez 18 13:16:08 feivel systemd[1]: tor@default.service: Failed with result 'exit-code'. Dez 18 13:16:08 feivel systemd[1]: tor@default.service: Service hold-off time over, scheduling restart. Manually downgrading to 0.2.5.12-1 solved the problem for now. Michael -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.4.0-rc4-next-20151211-1.g34634ae-vanilla (SMP w/4 CPU cores; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages tor depends on: ii adduser 3.113+nmu3 ii libc6 2.21-4 ii libevent-2.0-5 2.0.21-stable-2+b1 ii libseccomp2 2.2.3-2 ii libssl1.0.0 1.0.2d-1 ii lsb-base9.20150917 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages tor recommends: ii logrotate3.8.7-2 ii tor-geoipdb 0.2.5.12-1 ii torsocks 2.1.0-1 Versions of packages tor suggests: pn apparmor-utils pn mixmaster pn obfsproxy pn polipo | privoxy pn socat pn tor-arm pn xul-ext-torbutton -- no debconf information
Bug#808296: tor: Latest version doesn't start
On Fri, 18 Dec 2015, Michael Meskes wrote: > On a fresh unstable installation tor refuses to do anything. The situation > seems to be different from #802521, hence a new bug report. If it turns out to > be the same bug, feel free to merge. > > Dez 18 13:16:08 feivel tor[1349]: Dec 18 13:16:08.001 [notice] Read > configuration file "/usr/share/tor/tor-service-defaults-torrc". > Dez 18 13:16:08 feivel systemd[1356]: tor@default.service: Failed at step > APPARMOR spawning /usr/bin/tor: No such file or directory > Dez 18 13:16:08 feivel systemd[1]: tor@default.service: Main process exited, > code=exited, status=231/APPARMOR > Dez 18 13:16:08 feivel systemd[1]: tor@default.service: Unit entered failed > state. > Dez 18 13:16:08 feivel systemd[1]: tor@default.service: Failed with result > 'exit-code'. > Dez 18 13:16:08 feivel systemd[1]: tor@default.service: Service hold-off time > over, scheduling restart. > > Manually downgrading to 0.2.5.12-1 solved the problem for now. Can you tell me more about the system? My guess is, this is an lxc container. Am I right? If not, what's the kernel? Some other kind of virtualization going on? weasel -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal https://www.palfrader.org/ | `. `' Operating System | `-https://www.debian.org/
Bug#808296: tor: Latest version doesn't start
> Can you tell me more about the system? My guess is, this is an lxc > container. Am I right? If not, what's the kernel? Some other kind of Nope, Debian unstable on a new laptop. However, the kernel is *not* a Debian one. The laptop needs the latest development version to enable touchpad and the like. Could any kernel feature make a difference? If so which? > virtualization going on? No, just a straight desktop usage. But is tor supposed to not work in virtualization? Michael -- Michael Meskes Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org) Meskes at (Debian|Postgresql) dot Org Jabber: michael.meskes at gmail dot com VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL
Bug#808296: tor: Latest version doesn't start
On Fri, 18 Dec 2015, Michael Meskes wrote: > > Can you tell me more about the system? My guess is, this is an lxc > > container. Am I right? If not, what's the kernel? Some other kind of > > Nope, Debian unstable on a new laptop. However, the kernel is *not* a > Debian one. The laptop needs the latest development version to enable > touchpad and the like. Could any kernel feature make a difference? If so > which? > > > virtualization going on? > > No, just a straight desktop usage. > > But is tor supposed to not work in virtualization? It's supposed to work, but depending on what your virtualization looks like, systemd's apparmor support gets confused. o Do you have CONFIG_SECURITY_APPARMOR in your kernel? o (Is apparmor installed? not sure that's relevant.) o Does tor work if you disable the apparmor config in the service file: mkdir /etc/systemd/system/tor@default.service.d/ (echo "[Service]"; echo "AppArmorProfile=") > /etc/systemd/system/tor@default.service.d/override.conf systemctl daemon-reload Cheers, -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal https://www.palfrader.org/ | `. `' Operating System | `-https://www.debian.org/
Bug#808296: tor: Latest version doesn't start
> o Do you have CONFIG_SECURITY_APPARMOR in your kernel? michael@feivel:~$ grep CONFIG_SECURITY_APPARMOR /boot/config-4.4.0-rc4-next-20151211-1.g34634ae-vanilla CONFIG_SECURITY_APPARMOR=y CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 CONFIG_SECURITY_APPARMOR_HASH=y > o (Is apparmor installed? not sure that's relevant.) Version 2.10-2+b2 is installed. > o Does tor work if you disable the apparmor config in the service file: > > mkdir /etc/systemd/system/tor@default.service.d/ > (echo "[Service]"; echo "AppArmorProfile=") > > /etc/systemd/system/tor@default.service.d/override.conf > systemctl daemon-reload That seems to solve it.tor's working now. Michael -- Michael Meskes Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org) Meskes at (Debian|Postgresql) dot Org Jabber: michael.meskes at gmail dot com VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL
Bug#808296: tor: Latest version doesn't start
Hi, Michael Meskes wrote (18 Dec 2015 18:33:50 GMT) : > That seems to solve it.tor's working now. Cool. It would be interesting to see the corresponding AppArmor denial logs, if any. https://wiki.debian.org/AppArmor/Debug might be helpful. Cheers! -- intrigeri
